Author Topic: Secure Mail Server Issues  (Read 80134 times)

0 Members and 2 Guests are viewing this topic.

RookieCAF

  • Guest
Secure Mail Server Issues
« on: November 16, 2004, 02:11:43 AM »
Having a severe problem with Avast 4.5 and my secure smtp server. Looking for any hints people may have, I get some funky icon when I try to send email and some kind of connection times out and just messes everything up.

I can't send anything outside my domain..

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re:Secure Mail Server Issues
« Reply #1 on: November 16, 2004, 02:22:52 AM »
I don't understand about secure servers so much...
I know that avast does not support SSL connections...  ::)
The best things in life are free.

RookieCAF

  • Guest
Re:Secure Mail Server Issues
« Reply #2 on: November 17, 2004, 03:11:32 AM »
Yup, I disabled Mail Protection, the setting finally stuck and I now have email. I wonder if they have any plans of supporting SSL Connections in the future.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re:Secure Mail Server Issues
« Reply #3 on: November 17, 2004, 12:40:14 PM »
I think that this has been discussed before and Vlk commented on it, so a search for SSL in the forums may return more information.

Secure by its nature is designed to keep prying eyes out, so that would include anti-virus prying eyes to.

I believe it would be very difficult to support as avast isn't the recipient or initiating client, so is outside the Secure Socket Layer (these are just my thoughts, not fact, or Alwil's).
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:Secure Mail Server Issues
« Reply #4 on: November 17, 2004, 12:51:51 PM »
So your mail server requires SSL and still uses the normal port numbers (25, 110)??

BTW what mail client are you using?

Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

RookieCAF

  • Guest
Re:Secure Mail Server Issues
« Reply #5 on: November 18, 2004, 04:51:38 PM »
995 incoming and 25 Outgoing. Using Thunderbird .9

Its no biggie, but it was just kinda frustrating that it was on by default without asking me about it, and the setting didn't appear to stick on a couple attempts.

Overall I love the product..

t_r_davies

  • Guest
Re:Secure Mail Server Issues
« Reply #6 on: November 18, 2004, 05:58:23 PM »
Hi RookieCAF,

You could do what I do to access my mail securely: use stunnel (http://www.stunnel.org/) to provide the SSL connection and set up your mail client to connect to stunnel.

I have stunnel listening on ports 25 and 110 (SMTP and POP3) on localhost, and have Outlook Express configured to connect to localhost.  I've put "IgnoreLocalhost=0" into the avast4.ini [MailScanner] section so avast! scans connections made on 127.0.0.1.  Avast! transparently scans the localhost connection to stunnel, which then provides the SSL connection to the mailservers.  My stunnel.conf is as follows:

--Cut--
# We're running as a client to SSLify the GMX mail connection
client=yes

# POP3 service, listens on localhost:110
[gmx-pop3s]
accept=localhost:110
connect=pop.gmx.net:995

# SMTP service, listens on localhost:25
[gmx-smtps]
accept=localhost:25
connect=mail.gmx.net:465
--Cut--

It all works perfectly, although I did have to do a bit of fiddling around when avast! 4.5 was released.  If you want any help, don't hesitate to get in touch ;)

Vlk: searching the forum for stunnel yields a few posts (about 10), but how about putting up a sticky post to help people who want to secure their connections and still be able to use avast!?  I could even write the post for you if you want :)
« Last Edit: November 18, 2004, 08:45:02 PM by t_r_davies »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Secure Mail Server Issues
« Reply #7 on: November 19, 2004, 02:30:01 PM »
Thanks t_r_davies
Welcome to the forum
This is also our answer for pop3 and gmail which also requires SSL.
I think a sticky thread for this is an excellent idea.
Stick around. We could use you in here. ;D
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

peterfu

  • Guest
Re:Secure Mail Server Issues
« Reply #8 on: November 19, 2004, 02:37:10 PM »
may be it's also a good idea to put in in the FAQ - SSL becomes more and more usual
br
Peter

shatadal

  • Guest
Re:Secure Mail Server Issues
« Reply #9 on: November 23, 2004, 04:11:59 AM »
Quote
I have stunnel listening on ports 25 and 110 (SMTP and POP3) on localhost, and have Outlook Express configured to connect to localhost.  I've put "IgnoreLocalhost=0" into the avast4.ini [MailScanner] section so avast! scans connections made on 127.0.0.1.  Avast! transparently scans the localhost connection to stunnel, which then provides the SSL connection to the mailservers.  My stunnel.conf is as follows:

--Cut--
# We're running as a client to SSLify the GMX mail connection
client=yes

# POP3 service, listens on localhost:110
[gmx-pop3s]
accept=localhost:110
connect=pop.gmx.net:995

# SMTP service, listens on localhost:25
[gmx-smtps]
accept=localhost:25
connect=mail.gmx.net:465
--Cut--

To do this do I have to pass all my mail connections through stunnel? What I mean is I have other non SSL accounts which use ports 25, 110 and 143. If I use the above settings would I still be able to access them?

t_r_davies

  • Guest
Re:Secure Mail Server Issues
« Reply #10 on: November 23, 2004, 03:04:23 PM »
To do this do I have to pass all my mail connections through stunnel? What I mean is I have other non SSL accounts which use ports 25, 110 and 143. If I use the above settings would I still be able to access them?

No, you don't have to pass all your mail connections through stunnel.  If you configure stunnel as I did then you just have to reconfigure the account you want to secure to use "localhost" as the POP and SMTP servers.  Your can just leave your other non-SSL accounts' settings as they are and they will continue to operate as normal.  I configured stunnel to listen on the default POP and SMTP ports so I didn't have to change the port numbers in the Outlook Express account settings.

I've been too busy to ask one of the moderators yet about putting up a sticky post regarding SSL and stunnel, but I should have time to do it today.  If they agree, I'll do a detailed explanation of exactly how to configure everything.
« Last Edit: November 23, 2004, 03:36:48 PM by t_r_davies »

shatadal

  • Guest
Re:Secure Mail Server Issues
« Reply #11 on: November 23, 2004, 09:10:15 PM »
Thanks a lot for your suggestion t_r_davies. I have been able to get it to work though it doesn't work with the port numbers you gave in your example. stunnel doesn't want to start. Thanks again.

t_r_davies

  • Guest
Re:Secure Mail Server Issues
« Reply #12 on: November 23, 2004, 09:24:10 PM »
Thanks a lot for your suggestion t_r_davies. I have been able to get it to work though it doesn't work with the port numbers you gave in your example. stunnel doesn't want to start. Thanks again.

Happy to help :)  I've actually just changed my setup to have stunnel listening on ports 11025 and 11110, to keep it similar to the port numbers the avast! mail scanner uses (12025, 12110 and 12143).  It makes it easier to remember!  I'm also using SpamBayes (listening on port 10110, which complicates matters slightly, but that's the gist of my configuration.

Does stunnel start if you change the port numbers (try 11025 and 11110 like I'm now using)?  Also, are you running it as a service (if you're on Win2K/XP) or as a normal process?

shatadal

  • Guest
Re:Secure Mail Server Issues
« Reply #13 on: November 24, 2004, 09:19:33 AM »
I use other ports like 350, 1600 etc. Kind of non standard and illogical I guess, but I can always look up stunnel.conf.

As for starting it, I made a shortcut to stunnel and put it in ~\Start Menu\Programs\Startup so it starts up whenever I login to my user account. I run it as a user.

How do you run it as a service? What exactly is the difference between a service and a normal process?

t_r_davies

  • Guest
Re:Secure Mail Server Issues
« Reply #14 on: November 24, 2004, 01:39:35 PM »
I use other ports like 350, 1600 etc. Kind of non standard and illogical I guess, but I can always look up stunnel.conf.

As for starting it, I made a shortcut to stunnel and put it in ~\Start Menu\Programs\Startup so it starts up whenever I login to my user account. I run it as a user.

How do you run it as a service? What exactly is the difference between a service and a normal process?

Provided you're running WinNT, 2K or XP, you can run stunnel as a service by running "stunnel -install" at a command prompt (you need to be Administrator to do this).  A service can be started at boot-time so it runs continuously while the machine is on (even when no-one is logged on), services can also be stopped, started and paused using the Service Manager.  Running stunnel from the Startup group is fine though, that way it will exit when you log off.
« Last Edit: November 24, 2004, 01:40:57 PM by t_r_davies »